Plurilock Launches Generative AI ‘Guardrails’ Product for Workforces
Generative AI tools have conquered the workplace, especially large language model-based (LLM) chatbots like OpenAI’s ChatGPT and Google’s Bard.These powerful...
Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder
The Russian state prosecution asked the Moscow City Court to impose 18 years in a strict colony regime on Ilya...
Chinese Hackers Breached Ambassador’s Email
A Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion(link is...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July...
CISA: Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix Releases Security Updates for NetScaler ADC and Gateway Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
HackerOne Bug Bounty Disclosure: b-password-reset-endpoint-is-not-brute-force-protected-b-rullzer
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'rullzer'Link to Submitters Profile:https://hackerone.com/b'rullzer' Report Title:b'Password reset endpoint is not brute force...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
Posh C2 Detected – 103[.]230[.]142[.]243:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Akira Ransomware Victim: Bright Future Electr ic, LLC
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Yamaha Canada Music Ltd
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
myCred plugin for WordPress cross-site request forgery | CVE-2023-35096
NAME__________myCred plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress myCred plugin for WordPress 2.5Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________myCred plugin for WordPress is...
Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgery | CVE-2023-35089
NAME__________Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Recipe Maker For Your...
InfoDoc Document On-line Submission and Approval System server-side request forgery | CVE-2023-37290
NAME__________InfoDoc Document On-line Submission and Approval System server-side request forgeryPlatforms Affected:InfoDoc Document On-line Submission and Approval System 22547 InfoDoc Document...
WooCommerce Ship to Multiple Addresses plugin for WordPress cross-site request forgery | CVE-2023-36514
NAME__________WooCommerce Ship to Multiple Addresses plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WooCommerce Shipping Multiple Addresses 3.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WooCommerce...
Open Enclave security bypass | CVE-2023-37479
NAME__________Open Enclave security bypassPlatforms Affected:Open Enclave Open Enclave SDK 0.19.2Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Open Enclave could allow a remote attacker to...
